Canada's Cybersecurity Strategy and the Push for SBOM Adoption
Canada is integrating software supply chain security into its national cyber strategy. Here's where SBOMs fit in and what's coming next.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Flutter's pub ecosystem is growing fast. The security tooling has not kept pace. Here is what you need to know about securing Dart dependencies.
GitHub Packages integrates tightly with GitHub Actions and repositories. Its security features are convenient but have gaps that teams need to understand.
Most security dashboards display data nobody acts on. Here is how to build supply chain metrics that actually drive security improvement.
gRPC's binary protocol and HTTP/2 transport make it fast. They also make it harder to inspect, monitor, and secure than REST APIs. Here is what you need to know.
The SLSA framework reached v1.0 in April 2023, providing a practical framework for software supply chain integrity that's already being adopted by major package registries.
As compute moves to the edge, software supply chain security must adapt to environments with limited visibility, constrained resources, and vast attack surfaces.
Build systems transform source code into deployable artifacts. When attackers poison the build, every artifact is compromised. Here is how it happens.
Buying software through AWS Marketplace or Azure Marketplace feels safe. But what security verification actually happens before a listing goes live?